From 5ffa313d9f6b7c509aa0d7579273150d71ea0f95 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Fri, 4 Dec 2009 05:12:35 +0000 Subject: Consolidate the IOV and non-IOV encryption/decryption code paths, and drop the _iov suffix from most encryption- and decryption-related functions. The enc_provider encrypt and decrypt functions take IOVs, as do the enctype entries in etypes.c, and there are no separate encrypt_iov or decrypt_iov functions. aead_provider is gone. Enctype functions now take pointers to the enctype entry instead of pointers to the enc/hash/aead providers; this allows dk_encrypt and dk_decrypt to be polymorphic in the length function they use now that AES and DES3 can't differentiate by aead provider. aes_string_to_key needed to be moved into the krb/ fold for this since it's an enctype function; it was duplicated between builtin/ and openssl/ before. This leaves openssl/aes empty; the build system currently demands that all modules have the same directory structure, so the directory and Makefile will stick around for now. Three separate copies of the derive_random logic are also now consolidated into one. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23444 dc483132-0cff-0310-8789-dd5450dbe970 --- src/include/k5-int.h | 43 ++++++++----------------------------------- 1 file changed, 8 insertions(+), 35 deletions(-) (limited to 'src/include') diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 19389145ac..cbe0fd9cde 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -647,12 +647,11 @@ struct krb5_enc_provider { keylength is the output size */ size_t block_size, keybytes, keylength; - /* cipher-state == 0 fresh state thrown away at end */ krb5_error_code (*encrypt)(krb5_key key, const krb5_data *cipher_state, - const krb5_data *input, krb5_data *output); + krb5_crypto_iov *data, size_t num_data); - krb5_error_code (*decrypt)(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output); + krb5_error_code (*decrypt)(krb5_key key, const krb5_data *cipher_state, + krb5_crypto_iov *data, size_t num_data); krb5_error_code (*make_key)(const krb5_data *randombits, krb5_keyblock *key); @@ -662,13 +661,6 @@ struct krb5_enc_provider { krb5_data *out_state); krb5_error_code (*free_state)(krb5_data *state); - /* In-place encryption/decryption of multiple buffers */ - krb5_error_code (*encrypt_iov)(krb5_key key, const krb5_data *cipher_state, - krb5_crypto_iov *data, size_t num_data); - - krb5_error_code (*decrypt_iov)(krb5_key key, const krb5_data *cipher_state, - krb5_crypto_iov *data, size_t num_data); - }; struct krb5_hash_provider { @@ -703,26 +695,6 @@ struct krb5_keyhash_provider { krb5_boolean *valid); }; -struct krb5_aead_provider { - krb5_error_code (*crypto_length)(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_cryptotype type, - unsigned int *length); - krb5_error_code (*encrypt_iov)(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage keyusage, - const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - krb5_error_code (*decrypt_iov)(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage keyusage, - const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); -}; - /* * in here to deal with stuff from lib/crypto */ @@ -2575,11 +2547,12 @@ krb5_error_code KRB5_CALLCONV krb5int_clean_hostname(krb5_context, const char *, char *, size_t); krb5_error_code -krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output); +krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data); + krb5_error_code -krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output); +krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data); struct _krb5_kt { /* should move into k5-int.h */ krb5_magic magic; -- cgit